<?php
    namespace App\Controllers;

    use Framework\Database;
    use Framework\Validation;
    use Framework\Session;

    class UserController{
        protected $db;

        public function __construct(){
            $config = require basePath('config/db.php');
            $this->db = new Database($config);
        }

        public function login(){
            loadView('users/login');
        }

        public function create(){
            loadView('users/create');
        }

        public function store(){
            $name = $_POST['name'];
            $email = $_POST['email'];
            $city = $_POST['city'];
            $province = $_POST['province'];
            $password = $_POST['password'];
            $passwordConfirmation = $_POST['password_confirmation'];

            $errors = [];

            if (!Validation::email($email)) {
                # code...
                $errors['email'] = 'Invalid email';
            }

            if (!Validation::string($name,2,50)) {
                # code...
                $errors['name'] = 'Invalid name';
            }

            if (!Validation::string($password,6,50)) {
                # code...
                $errors['password'] = 'Invalid password';
            }

            if (!Validation::match($password,$passwordConfirmation)) {
                # code...
                $errors['password_confirmation'] = 'Password does not match';
            }

            if (!empty($errors)) {
                # code...
                loadView('users/create',[
                    'errors' => $errors,
                    'user' => [
                        'name' => $name,
                        'email' => $email,
                        'city' => $city,
                        'province' => $province,
                    ]
                ]);

                exit;
            
            } else{
                $params = [
                    'email' => $email
                ];

                $user = $this->db->query('SELECT * FROM users WHERE email = :email',$params)->fetch();

                if ($user) {
                    # code...
                    $errors['email'] = 'Email already exists';
                    loadView('users/create',[
                        'errors' => $errors,
                        
                    ]);

                    exit;
                }

                $params = [
                    'name' => $name,
                    'email' => $email,
                    'city' => $city,
                    'province' => $province,
                    'password' => password_hash($password,PASSWORD_DEFAULT)
                ];

                $this->db->query('INSERT INTO users (name,email,city,province,password) VALUES (:name,:email,:city,:province,:password)',$params);

                $userId = $this->db->conn->lastInsertId();

                Session::set('user',[
                    'id' => $userId,
                    'name' => $name,
                    'email' => $email,
                    'city' => $city,
                    'province' => $province
                ]);

                redirect('/');
            }
            
        }

        public function logout(){
            Session::clearAll();

            $params = session_get_cookie_params();

            setcookie('PHPSESSID', '', time() - 86400, $params['path'], $params['domain']);

            redirect('/');
        }

        public function authenticate(){
            $email = $_POST['email'];
            $password = $_POST['password'];

            $errors = [];

            if (!Validation::email($email)) {
                # code...
                $errors['email'] = 'Invalid email';
            }

            if (!Validation::string($password,6,50)) {
                # code...
                $errors['password'] = 'Invalid password';
            }

            if (!empty($errors)) {
                # code...
                loadView('users/login',[
                    'errors' => $errors,
                ]);
                exit;
            }

            $params = [
                'email' => $email
            ];

            $user = $this->db->query('SELECT * FROM users WHERE email = :email',$params)->fetch();

            if (!$user) {
                # code...
                $errors['email'] = 'Invalid email or password';
                loadView('users/login',[
                    'errors' => $errors,
                ]);
                exit;
            }

            if (!password_verify($password,$user->password)) {
                # code...
                $errors['email'] = 'Invalid email or password';
                loadView('users/login',[
                    'errors' => $errors,
                ]);
                exit;
            }

            Session::set('user',[
                'id' => $user->id,
                'name' => $user->name,
                'email' => $user->email,
                'city' => $user->city,
                'province' => $user->province
            ]);

            redirect('/');

        }
    }
?>